package com.mywork.controller;

import java.io.IOException;
import java.io.Reader;
import java.security.NoSuchAlgorithmException;
import java.util.Date;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.ibatis.io.Resources;
import org.apache.ibatis.session.SqlSession;
import org.apache.ibatis.session.SqlSessionFactory;
import org.apache.ibatis.session.SqlSessionFactoryBuilder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.portlet.ModelAndView;











import com.mywork.dao.UserMapper;
import com.mywork.po.Profession;
import com.mywork.po.User;
import com.mywork.service.MD5;
import com.mywork.service.ProfessionService;
import com.mywork.service.UserService;


@Controller
public class LoginController {
	
	@Autowired
	UserService userService;
	@Autowired
	ProfessionService professionService;
	
	@RequestMapping("/login")
	public String test(org.springframework.web.servlet.ModelAndView model,String userId,String password,HttpServletRequest request) throws IOException{
		User user=userService.selectById(userId);
		try {
			password = MD5.getMD5String(password);
		} catch (NoSuchAlgorithmException e) {
			// TODO 自动生成的 catch 块
			e.printStackTrace();
		}
		if(user==null){
			model.addObject("sorry", "请输入正确的帐号");
			return "/login";
		}else if(user.getPassword().equals(password.trim())){
			model.addObject("yes", "恭喜登录成功");
			
			Profession profession = professionService.selectById(user.getProfessionid()+"");
			model.addObject("profession", profession);
			request.getSession(true).setAttribute("user", user);
			request.getSession().setMaxInactiveInterval(1800);
			request.getSession(true).setAttribute("profession", profession);
			request.getSession(true).setAttribute("ctp", request.getContextPath());
			request.getSession(true).setAttribute("permission", profession.getPermission().intValue());
			return "/index";
			
		}else{
			model.addObject("sorry", "请输入正确的密码");
			return "/login";
		}
		
		
		
	   

		
		
	}
}
